18.104.22.168 Risk Analysis Activity.
Analysis begins with a detailed study of the critical risk events that have been identified. The objective is to gather enough information about the risks to judge the probability of occurrence and the impact on cost, schedule, and performance if the risk occurs.
Impact assessments are normally subjective and based on
detailed information that may come from:
- Comparisons with similar systems,
- Relevant lessons-learned studies,
- Results from tests and prototype development,
- Data from engineering or other models,
- Specialist and expert judgments,
- Analysis of plans and related documents,
- Modeling and simulation,
- Sensitivity analysis of alternatives.
Depending on the particular technique and the risk being analyzed, some supporting analysis may be necessary, i.e., analysis of contractor processes, such as design, engineering, fault tree analysis, engineering models, simulation, etc. Analyses provide the basis for subjective assessments.
A critical aspect of risk analysis is data collection.
Two primary sources of data are interviews of subject-matter experts and
analogy comparisons with similar systems. Paragraph 5.4 contains a
procedure for collecting both types of data for use in support of the
techniques listed in Table 2-1. Periodically, sets of risks need to be
prioritized in preparation for risk handling, and aggregated to support
program management reviews. Paragraph 5.5, Risk
Prioritization, describes methods for accomplishing this.
Risk Assessment Technique
Applicable Acquisition Phases
Applicable Risk Areas & Processes
|Plan Evaluation/Risk Identification
||Program Plans and critical communications with the developer|
|Product (WBS) Risk Assessment
||All phases starting with the completion of the Contract WBS
||All critical risk areas except threat, requirements, cost, and schedule|
|Process (DoD 4265.7-M) Risk Assessment
||All phases, but mainly late SDD
||All critical risk processes|
|Cost Risk Assessment
||Cost critical risk areas|
|Schedule Risk Assessment
||Schedule critical risk areas|
Table 2-1. Risk Assessment Approaches